You can do this programatically by reading the following:
and
Basically, you will need to use the following functions:
SSLeay()
SSLeay_version()
Question
I have a pre-built OpenSSL library (libssl.a and libcrypto.a) which are being used for my C++ application. I don't know the version of the OpenSSL library.
Is there any way to get the version number from these pre-built libraries?
Solution 2
You can do this programatically by reading the following:
and
Basically, you will need to use the following functions:
SSLeay()
SSLeay_version()
OTHER TIPS
There is a string inside the library containing the version details called SSLEAY_VERSION - it looks like:
OpenSSL 0.9.5a 1 Apr 2000
OpenSSL 1.0.1e-fips 11 Feb 2013
You can find this from the binary library using strings and grep:
strings libcrypto.so | grep "^OpenSSL \S\+ [0-9]\+ \S\+ [0-9]\+"
Well the filtering may may not always work. You could do
strings libssl.so | grep "^OpenSSL"
OpenSSLDie
OpenSSL 1.0.2n 7 Dec 2017
strings libcrypto.so | grep "^OpenSSL"
OpenSSLDie
OpenSSL_add_all_ciphers
OpenSSL_add_all_digests
OpenSSL 1.0.2n 7 Dec 2017
OpenSSL HMAC method
OpenSSL EC algorithm
OpenSSL RSA method
OpenSSL DSA method
OpenSSL ECDSA method
OpenSSL DH Method
OpenSSL X9.42 DH method
OpenSSL PKCS#3 DH method
OpenSSL ECDH method
OpenSSL 'dlfcn' shared library method
OpenSSL default
OpenSSL default user interface
OpenSSL CMAC method
I needed a variant of https://stackoverflow.com/a/26635393/597742 that would work on systems without strings
installed. It's sufficiently different that it seemed worthwhile to post as its own answer:
grep --text -o 'OpenSSL [[:digit:]][^ ]*' /file/to/check
--text
allows the binary to be checked directly, -o
accounts for the lack of line separators by only printing the matching text.
A point worth noting for both this answer and the strings
based answer: in addition to being useful to check the OpenSSL version of libssl
or libcrypto
, they also work to check OpenSSL versions in statically linked binaries.
On a Debian you might ask the package manager:
# apt list -a openssl
Listing... Done
openssl/stable-security,now 1.1.1n-0+deb11u4 amd64 [installed,automatic]
openssl/stable 1.1.1n-0+deb11u3 amd64
On a RedHat linux ask its package manager:
$ dnf list --all openssl
Last metadata expiration check: 0:01:53 ago on Mon 13 Mar 2023 01:14:50 PM UTC.
Installed Packages
openssl.x86_64 1:1.1.1k-6.el8_5 @Common